Skip to main content

Xerces

1 CVEs product

Monthly

CVE-2020-14338 Maven MEDIUM PATCH This Month

A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xerces
NVD
CVSS 3.1
5.3
EPSS
1.3%
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Xerces
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy